Auditing, Monitoring, Intrusion Prevention, Detection, and Penetration Testing The network vulnerability is a major security weakness that allows an attacker reducing computer information assurance. Vulnerability intersects three elements: a system flaw, the attacker is having access to the flaw, and ability to exploit the flaw. Thus, a security risk is classified as a vulnerability that is tied to a great significant loss. The vulnerability can erode data confidential, system integrity and availability of data.

The objective of this study is to carry out analysis of two research articles that discusses the network vulnerabilities in the IT environment. (Jackson, et al.2008, Sommer, et al. 2003). Both articles believe that attackers exploit the network vulnerabilities to inflict damages in the information systems. Moreover, the two articles agree that the traditional securities such as network IDS (intrusion detection system) (Sommer, et al. 2003) and DNS pinning (Jackson, et al.2008) are no more effective in guiding against the network vulnerabilities, and recommends effective security strategies to protect the information systems.

Summary of Article 1

This study provides the critics of the article titled "Protecting Browsers from DNS Rebinding Attacks" (Jackson, Barth, Bortz, Shao, et al. 2008 p 1). The authors identify the DNS rebinding attacks as one of the vulnerabilities of the network attacks used to subvert the "browsers and convert them into open network proxies." (Jackson, et al. 2008 p 1). In other words, the DNS rebinding attack has been identified as the core security against the internet browsers used to hijack IP address and circumvent firewalls.

Typically, hackers can use the tactics to circumvent firewall by sending the email spam as well as defrauding the PPP (pay per click) adverts. The authors also reveal that an attacker can highjack 100,000 IP addresses with less than $100. The article argues that DNS rebinding attacks and subversion are real in a real world, and can be used to penetrate browsers, Flash, and Adobe, which can have serious security implications on Web 2.0 application packing more action and code on the client. Thus, relying on the only firewall for protection is risky since attackers can subvert the firewall with the DNS rebinding attacks. The authors also explain in-depth the strategy that attackers use in manipulating the multimedia plug-ins, which include Flash Player, Microsoft Silverlight and Java bypassing the security systems of the browsers such as Mozilla Firefox, Internet Explorer, Opera, and Safari.

According to the study, the DNS rebinding attacks are able to confuse the browser and converting the browsers into open proxies. With DNS rebinding, attackers can circumvent the firewalls in order to spider the corporate intranets, compromised the unpatched internal machines, and infiltrate sensitive documents. Jackson, et al. (2008) further reveal that an attacker can send spam emails to hijack the IPs, frame clients, and commit click frauds. Thus, the DNS vulnerabilities allow attackers to write and read the network sockets, and use the Javascript-based botnets to send the HTTP requests. The authors also point out that an attacker only needs to create a website to launch an attack, and the strategy is by using the website to attract the web traffic using the DNS queries to launch the malicious Javascript to circumvent the firewall.

Jackson et al. (2008) argue that attackers can circumvent firewall by launching a request on the website, rebinding the hostname of the target server making it inaccessible to the public internet. The strategy will confuse the browser and make it thinking that the two servers are from the same source because they share the same host name. When the DNS Rebinding bypasses the firewall, it will take over the entire system and affect every file of the target network.

The authors also discuss the strategy that attackers can employ in hijacking the IP. The method is by using the DNS attack against the machine to make them inaccessible to the legitimate users. Moreover, the attacker can explicitly and implicitly abuse the public services to masquerade as...

While the authors mention the DNS pinning as one of the securities strategies against the DNS rebinding, however, DNS pinning is no more effective because current browsers integrate the plug-ins in order to add functionality to the web pages. The authors suggest that users should offer security to their firewall by blocking certain ports that include port 53 to prevent the outbound traffic on the port. Moreover, the authors suggest that users should constantly update the firewall patches to assist in blocking the unauthorized traffic. Essentially, keeping firewall updated is critical in assisting the users staying ahead of the attack. The authors also recommend that users should use the combination of the hardware firewall and software firewall to achieve maximum protection against the DNS rebinding attack. The authors recommend that users should constantly update their Java applet and Flash players since developers update their plug-ins as new vulnerable is identified. The authors also suggest that the users should protect the browsers against the DNS rebinding attack by changing the browser's default setting to a more tailored setting to enhance effective protection of the browsers. Critically, the default setting can open users to attacks, and by modifying the browser default setting, an attacker will face challenges in launching attacks on plug-ins and browsers.
Analysis

Overview of the article reveals that the authors enhance a greater understanding of the DNS Rebinding attacks, and the research elucidate issues relating to plug-ins vulnerabilities and solution to the problems. The strength of the research is that the authors divide the vulnerabilities into groups and subgroups to enhance an easy grasping of the problems. Moreover, the authors avoid using the technical and complex languages to make wider audience understanding the article. The study also provides the detail information of the strategy that attackers employ in implementing vulnerabilities. For example, it only needs an attacker to create a website such as www.attacker.com and use the strategy to launch a DNS rebinding attack. For example, the attacker only needs to launch the web attract traffics to the domain through an advert and attract the visiting clients to his server and then serve malicious Javascript to on the visitors. Though the information provided, users will be able to develop an effective strategy to identify vulnerabilities and protect their IT and computer infrastructures. Despite the strategy the authors employ in elaborating the security systems against the vulnerabilities, the authors fail to ignore the impact of the malware in aggravating vulnerabilities in the contemporary business environment. Recent trends in the network vulnerabilities show that malicious malware has become a sophisticated type of threats to the network and computer systems, and it can cause enormous damage the computer systems before the user is aware of the damage.

Contributions and Strengths

The major strength of this article is that it assists in educating the users on how easy to launch attacks on the network systems. Through, this information, the users can develop an effective strategy to protect their systems. For example, authors elaborate that an attacker only needs to spend $100 on the advert to hijack 100,000 IP address, with that cost, an advert of $1,000 will cause an enormous damage. Thus, information in the article will assist the users to elaborate a plan to overcome the DNS rebinding attacks. The simple and non-technical language used by the authors in solving the problems will assist the users in overcoming the DNS rebinding vulnerabilities.

Moreover, the authors enhance a greater understanding of the users about keeping the system up-to-date. For example, authors explain that keeping Javascript and flash player up-to-date is an effective tool to guide against the DNS rebinding vulnerability. The information is good because many users do not understand the security benefits of keeping the system update, thus, this information will enhance a greater understanding of the users that keeping the system up-to-date is an effective security strategy against the vulnerabilities.

Weaknesses and Limitations

The authors make the users understand that the DNS rebinding is the effective way, which attackers can use to bypass the firewall and cause IP hijacking, and system updating is an effective method to guide against the vulnerabilities. However, the security strategies suggested by the authors are not adequate because updating the system after the attack may not prevent the vulnerabilities because the users may not know that the attack has been launched, which may put the system at risk. The authors also suggest using the firewall to block…